Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add logging #7

Open
wants to merge 2 commits into
base: trunk
Choose a base branch
from
Open

Add logging #7

wants to merge 2 commits into from

Conversation

fbegyn
Copy link
Contributor

@fbegyn fbegyn commented Feb 22, 2023

Adds a logging collection stack and configures Grafana to be able to query them. promtail can also be added to the stations, so we can collect logs from them.

Potential improvements: configure promtail to accept rsyslog streams and also configure network devices to send logs.

@mcbloch
Copy link
Contributor

mcbloch commented Feb 23, 2023
edited
Loading

When trying to start docker-compose I get the following error

promtail_1    | level=error ts=2023-02-23T14:19:07.884666368Z caller=main.go:167 msg="error creating promtail" error="failed to make journal target manager: creating journal reader: failed to open journal in directory \"/var/log/journal\": no such file or directory"

I do not have a journal log file on my system. I think there should be a better way to do this without making assumptions on the existence of the log files.

I also think the promtail client is something we want on more systems to collect logs, not only on the monitoring one. Only the monitoring is ran in docker so the promtail deploy should probably just be on the host, not containerized.
As default we could add a promtail in docker that only collects docker logs?

@mcbloch
Copy link
Contributor

mcbloch commented Feb 23, 2023

The extra labels added in the Loki pipeline also don't appear in Grafana for me. I don't have the container_name, image_name, ... labels.

@fbegyn
Copy link
Contributor Author

fbegyn commented Feb 23, 2023

The docker logging did not work on my system (like the journal at yours I guess, I'm blaming this on nixos configuring docker for journald logging). It does seem to contain a stark difference in assumption based on the system.
For the monitoring (and other docker hosts) we should determine which behavior we want and shape the host to match our assumptions for the logging.

I propose the following:

  • on docker hosts accept the current assumption that the docker host is running in json-file logging mode. The other (maybe better option here that requires testing) is the configure docker sd on the docker host.
  • bare metal/VM hosts, assume these systems are running journald and syslog in combination (as is the case on most debian based systems I believe). Implement a config that parses both these and sends the logs to the loki host.

@fbegyn
Copy link
Contributor Author

fbegyn commented Feb 23, 2023

I'm guessing the additional docker labels not being processed will have something to do with the docker log driver.

@klaasg klaasg force-pushed the trunk branch 2 times, most recently from 016697f to b3d5e78 Compare April 28, 2023 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
12UL 23-24
Status: Todo
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fbegyn @mcbloch